I somehow struggled my way through these challenges but didn't really feel like I understood the material. Your explanation was much better than the written material
I really loved to study cybersecurity for the past month, but after I got to this point I gave up, convincing myself that I am too stupid for all of this since I couldn't understand a single word they wrote on the site. But after coming across this video and reading the comments I decided I am going to try again, thank you
Try Hack Me has a beginner course called How the Web Works or something like that. If you’re getting a little lost on this video I’d try that course out
Thank you for a thorough and concise tutorial. There is no way I could have completed that challenge without your help. Now I just need to do it another five times and I might be able to remember how to do this! Keep up the GREAT work!
I thought it was well done! The best breakdown I've seen out here. I'm glad to have subscribed and will check out the rest of the vids. Keep up the great work!
New Subscriber! Awesome work, my brother! Keep them coming! You are explaining in such an easy way, it's easy to understand! Natural talent! Keep it up! :))))
In challenge 1, it was specified in the page that we have to use post req and yet we used get in this part of curl "-d 'method=get&file=/etc/flag1'". Why is it so? Can someone please explain this to me? Thanks!
Great walk through. The question I have, is how does changing the cookie to a file path work. I saw you do it. But I do not understand how or why it works.
Thanks for the video! Somehow I am unable to execute RFI tasks - no code executed neither from my local web server nor from external ones, even the simplest scripts or shells, according to server logs - vulnerable host not getting it from my server and showing blank "File content preview". Cheated to read /etc/hostname via simple LFI ;(
Did you modify the scripts? For example, on the php-reverse-shell script you need to open it in an editor [nano/subl/vi] and change the IP and port to your local attack machine and the port you want to catch the reverse shell back on. Then open a netcat listener, for example [nc -lvnp 4444], and then execute the command on the victim machine and you should catch that shell
You can learn something in the Authentication Bypass room. The PHP $_REQUEST variable is an array that contains data received from the query string and POST data. If the same key name is used for both the query string and POST data, the application logic for this variable favours POST data fields rather than the query string
Thanks! Just a quick question about playground challenge. What is the difference between apache server and python3 that you used? And why is apache using my IP and python using VPN IP?
That’s a good question but best guess is if the Apache web server is using your WAN IP that would be available through the internet while the python web server would only be reachable on the local 10.10.X.X network you’re connected to through the VPN. Once you set up the python web server you can connect to it through the browser by putting in your local IP address
Thanks for the walkthrough. I think it could have been slightly more in-depth in describing why you did certain things. But wow, the low quality of this TryHackMe lesson itself was mind-boggling and painful to go through.
Was having a bit of trouble with the reverse shell at the end of the video. I'm using Kali and ran the command 'locate webshells | grep php' to find where my PHP webshells were, and then I ran the webserver from the directory that php-reverse-shell.php is in. But when I use that as the payload I got an error that said: "WARNING: Failed to daemonise. This is quite common and not fatal. Warning: fsockopen() [function.fsockopen]: unable to connect to 127.0.0.1:1234 (Connection refused) in 10.13.49.109:8000/php-reverse-shell.php on line 100". I looked at the script at line 100, which says: $sock = fsockopen($ip, $port, $errno, $errstr, 30); If you scroll to the top of the script there are comments that tell you to edit the variables $ip and $port. I only edited the IP to match my local IP on the 10.10.x.x network - the one you get when you run ifconfig. The port in the script is set to 1234, so I ran: nc -lvp 1234 as the listener. After I did all this the reverse shell worked for me.
Well done, much better explanations than the provided material. I really think they need to revise or flesh out some of these labs, for example some of the tools that may be helpful such as burp suite aren't covered until later in the path. I ran into a similar issue when they were talking about decoding sha, md5, and base64, they gave you a link to help you with the later but not the base64, later in the path they provided a link. Funny enough it was the one I just happened upon to complete the lab.
How would anyone who's a beginner be able to figure out these last few tasks without a video like this? They cannot possibly expect people to be able to solve these with such poor instructions. It makes me feel like I'm trying to tackle something that's just not possible.
This is the best walkthrough on FI. Thanks for the post! One quick question: I cannot navigate to the tools>php.reverseshell to gain RCE, please assist if you can?
you tell me why we could not do it with burp suite and we could do it with curl, and can you explain the commands you wrote in curl, I need to understand please :)
Thank you!!! Really appreciate the time you put in to this. It was a big help with my limited time to study! I could not repeat the very last bonus challenge. My attack box is not using a TryHackMe account, only root, and I don't have the same files and folders on it. I wonder why the attack boxes are so different. Thanks for doing it though.
I'm just curious about this... you have to use Burp Suite without knowing anything about it? When the Burp Suite room is in the next module? This room is a bit hard for people like us.
@MotasemHamdan I decided to stop this room for a while and start the other easy modules about the web fundamentals and CompTIA Pentest+, because I need more logic and more understanding about how this works.
Hello Motasem, thank you for taking the time to make this video. I would have never finished without your help. The one thing that really confuses me is using Burp on the THM VM. So I basically followed along from there. Is there a way to complete the challenge without Burp? Thanks again, Ed
Very well done sir, I needed a little help with the final 3 questions and your 'answers' were perfect. Using curl to switch the methods was a great idea, I tried it with Burp Suite but it wasn't working for some reason.
@slybandit8117 Yeah I managed to finish the room, I had to do the curl method too. I still don't know why Burp Suite didn't work?! lol thanks for replying
Is it possible to use the method as suggested in the Task? Edit the method as POST in the Web Developer. I know Burp Suite is an option, but this module comes after the RFI tasks are completed in the learning path
Thanks for the help brother. I didn't just want the answers so I'm happy I came across your channel so I could actually learn step by step. That made much more sense than the verbiage they had.
They show you basic stuff, then when you need to practice that stuff, they add a lot more that they didn't explain to you. This is why I canceled my sub, and I'm switching to HTB Academy on the first of July.
I saw that your name is Arabic, so allow me to write in Arabic. Honestly, a wonderful effort and an easy, simplified explanation, and the last part of the video was awesome. I am truly proud that there are Muslims with this skill. I hope to reach your level.
All in all, THM is a great platform and I guess you know that there is no platform that is perfect :) I have had my own share of tech problems in HTB too.
When right-clicking in the Proxy tab you will see the option "change method". It will also change a bit of the structure of the request. Hope that helps
Challenge 3 and the last challenge remote execution were very difficult. After spending over 1.5 hours, I decided just to use your answer so I can move on to the next stage.